class SessionsController < ApplicationController

  def create
    user = User.find_by_login_and_password(params[:login], params[:password])
    if !user.nil?
      user_session = Session.find_by_user_id(user.id)
      if user_session.nil?
        user_session = Session.new
        user_session.user_id = user.id
        user_session.token = Session.create_token(user.id)
        session[:user] = user_session.token
        user_session.save
      else
        user_session.token = Session.create_token(user.id)
        session[:user] = user_session.token
        user_session.save
      end
    else
      flash[:notice] = "Incorrect username and/or password."
    end
    redirect_to home_path
  end

  def destroy
    ses = Session.find_by_token(session[:user])
    ses.destroy
    session[:user] = nil
    redirect_to home_path
  end
  
end
